Lucene search
Snare Central Security Vulnerabilities
cve
A SQL injection vulnerability in Snare Central before 7.4.5 allows remote authenticated attackers to execute arbitrary SQL commands via the AgentConsole/UserGroupQuery.php ShowUser parameter.
7.2CVSS
7.3AI Score
0.001EPSS
2019-08-29 09:15 PM
21
cve
An OS Command Injection vulnerability in Snare Central before 7.4.5 allows remote authenticated attackers to inject arbitrary OS commands via the ServerConf/DataManagement/DiskManager.php FORMNAS_share parameter.
7.2CVSS
7AI Score
0.002EPSS
2019-08-29 09:15 PM
18